class CommentsController < ApplicationController

#  http_basic_authenticate_with :name => "dhh", :password => "secret", :only => :destroy  

  USER, PASSWORD = 'dhh', 'secret'
  before_filter :authentication_check, :only => :destroy

  def create
    @post = Post.find(params[:post_id])
    @comment = @post.comments.create(params[:comment])
    redirect_to post_path(@post)
  end
 
  def destroy
    @post = Post.find(params[:post_id])
    @comment = @post.comments.find(params[:id])
    @comment.destroy
    redirect_to post_path(@post)
  end

  private
   def authentication_check
    authenticate_or_request_with_http_basic do |user, password|
    user == USER && password == PASSWORD
   end
  end

end
